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Abstract 

Maintenance  is  an  important  activity  in  industry  as  it  reduces 
costs  and  enhances  availability.  This  can  be  done  either  to 
revive  a  system/component  or  to  prevent  it  from  breaking 
down.  The  increasing  need  for  reliability  has  led  mainte¬ 
nance  strategies  to  evolve  from  corrective  to  condition-based 
and  predictive  maintenance.  The  key  process  of  the  latter  is 
prognostics  and  health  management,  a  tool  that  predicts  the 
remaining  useful  life  of  engineering  assets.  As  plants  are  re¬ 
quested  to  offer  both  safety  and  reliability,  planning  a  main¬ 
tenance  activity  requires  accurate  information  about  the  sys¬ 
tem/component  health  state.  Usually,  this  information  is  gath¬ 
ered  through  independent  sensors  or  a  wired  network  of  sen¬ 
sors.  The  use  of  a  wireless  sensor  network  has  many  advan¬ 
tages.  First  of  all,  the  absence  of  wires  gives  sensor  networks 
the  ability  to  cover  a  large  scale  surveillance  area.  Second,  it 
has  become  possible  to  monitor  hostile  and  inaccessible  areas 
by  simply  dropping  the  sensors  from  an  aircraft  to  the  moni¬ 
toring  region.  Finally,  the  accuracy  of  measurements  can  be 
improved  as  the  sensors  can  be  placed  at  specific  locations 
without  being  wired.  Even  though  the  deployment  of  wireless 
sensor  networks  is  gaining  great  importance  in  monitoring  ap¬ 
plications,  there  are  some  research  issues  that  still  need  to  be 
studied  to  provide  more  accurate  and  reliable  data.  Indeed, 
we  strongly  believe  that  a  good  prognostic  process  starts  with 
a  reliable  source  of  information;  the  wireless  sensor  network 
in  our  case.  For  this  matter,  in  this  paper,  we  discuss  the 
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dependability  of  wireless  sensor  networks,  we  highlight  the 
attributes  that  have  an  impact  on  data  accuracy,  and  present 
the  state  of  the  art  in  prognostics. 

1.  Introduction 

Industrial  systems  are  subject  to  failures,  which  can  be  ir¬ 
reversible  or  result  in  consequences  varying  from  minor  to 
severe.  From  this  context,  it  is  important  to  monitor  a  sys¬ 
tem,  assess  its  health,  and  plan  maintenance  activities  to  avoid 
“catastrophic”  failure  results. 

The  research  in  Prognostic  and  Health  Management  (PHM) 
field  has  led  to  the  development  of  prognostic  models  in  an 
attempt  to  predict  the  Remaining  Useful  Fife  (RUE)  of  ma¬ 
chinery  before  failure  takes  place.  A  maintenance  schedule 
is  then  decided  and  system  shutdown  is  prevented.  Yet,  if 
the  prediction  model  and  the  provided  measurements  are  not 
accurate,  it  is  possible  that  the  maintenance  activity  will  be 
performed  either  too  soon  or  too  late. 

Such  a  prediction  activity  requires  online  measurements  of 
the  operating  conditions  of  the  system  under  consideration. 
This  information  is  usually  gathered  by  the  means  of  sensor 
nodes.  In  this  study,  we  consider  the  case  where  the  nodes 
communicate  their  information  within  a  Wireless  Sensor  Net¬ 
work  (WSN).  Nevertheless,  a  WSN  is  prone  to  failure  due  to 
the  nature  of  communication  in  the  network  and  to  the  char¬ 
acteristics  of  its  devices.  For  this  reason,  before  deployment, 
a  prior  dependability  study  of  the  network  is  needed.  It  is  the 
only  way  to  guarantee  the  reception  of  accurate  data. 
Although  both  dependability  of  WSNs  and  prognostic  models 
development  have  been  studied  and  reported  in  the  literature, 
as  far  as  we  know,  none  of  the  existing  research  work  has 
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considered  the  dependability  of  WSNs  for  PHM  purposes.  In 
real  life  applications,  the  provided  data  can  be  inaccurate  and 
incomplete.  If  this  is  not  taken  into  consideration  while  build¬ 
ing  the  prognostic  model,  the  provided  results  cannot  be  re¬ 
liable.  Considering  the  limited  computational  capacities  of 
WSNs,  it  is  very  common  to  privilege  some  dependability 
issues  over  others,  regarding  the  target  applications  require¬ 
ments.  Thus,  it  is  crucial  to  consider  a  “prognostic-oriented” 
dependability  solution  for  WSNs. 

This  paper  presents  dependability  issues  with  WSNs,  that  are 
relevant  for  RUL  prediction,  and  discusses  different  prognos¬ 
tic  approaches.  The  remainder  of  the  paper  is  structured  as 
follows.  Section  2  presents  an  overview  of  wireless  sensor 
networks.  A  state  of  the  art  in  prognostics  and  health  man¬ 
agement  is  provided  in  Section  3.  The  relation  between  prog¬ 
nostics  and  WSN  dependability  and  the  remaining  challenges 
are  illustrated  in  Section  4.  Finally,  a  conclusion  is  given  in 
Section  5. 

2.  Overview  of  Wireless  Sensor  Networks 

WSNs  are  event-based  systems  that  rely  on  the  collective  ef¬ 
fort  of  several  microsensor  nodes  (Akan  &  Akyildiz,  2005). 
This  offers  the  network  greater  accuracy,  larger  coverage  area, 
and  the  possibility  to  extract  localized  features.  Typically,  a 
WSN  is  composed  of  few  base  stations  and  hundreds  (or  thou¬ 
sands)  of  sensor  nodes.  A  sensor  node  is  a  tiny  device  having 
the  capability  of  sensing  new  events,  computing  the  sensed 
values,  and  communicating  information.  Thus,  the  network 
can  be  deployed  to  monitor  physical  and  environmental  phe¬ 
nomena  such  as  temperature,  vibrations,  light,  humidity,  etc. 
There  are  different  settings  for  a  WSN  model,  which  is  gener¬ 
ally  dynamic,  as  radio  range  and  network  connectivity  evolve 
over  time.  A  network  model  can  be  either  hierarchical,  dis¬ 
tributed,  centralized,  heterogeneous,  or  homogeneous  (Z.  Li 
&  Gong,  2011). 

2.1.  Shortcomings  of  a  WSN 

WSNs  are  designed  for  an  efficient  event  detection.  They 
consist  of  a  large  number  of  sensor  nodes  deployed  in  a  surveil¬ 
lance  area  to  detect  the  occurrence  of  possible  events.  Such 
an  activity  necessitates  efficiency,  which  is  hard  to  achieve 
with  the  constraints  of  WSNs. 

Available  energy  is  a  big  limitation  to  WSN  capabilities.  In 
fact,  sensor  nodes  are  small  sized  devices,  resulting  in  tiny 
and  non-refillable  batteries  as  energy  supply  (Carman,  Kuus, 
&  Matt,  2000).  Moreover,  wireless  networks  are  vulnerable 
and  necessitate  security  codes.  Yet,  processing  security  func¬ 
tions,  transmitting  security  related  data,  and  securing  storage 
necessitate  extra  power,  which  is  critical  for  WSNs  (Carman 
et  al.,  2000;  Walters,  Liang,  Shi,  &  Chaudhary,  2007). 

The  wireless  communication  between  sensor  nodes  renders 
packet  loss  highly  probable.  The  absence  of  physical  con¬ 
nections  in  the  network  can  result  in  channel  errors,  missing 
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Figure  1.  Illustration  of  some  link  failures  in  a  WSN 


links,  and  network  congestion  and  cause  packet  drops.  In  ad¬ 
dition  to  this,  multi-hop  routing  and  node  processing  lead  to 
great  latency  and  transmission  errors  in  the  network. 

External  deployment  conditions  also  add  to  network  vulnera¬ 
bility.  WSNs  are  often  deployed  in  harsh  environments  where 
they  can  be  exposed  to  adversary  attacks.  Such  attacks  can 
cause  permanent  damage  to  the  hardware.  Thus,  the  network 
will  remain  unable  to  fulfill  the  intended  tasks  (Walters  et  ah, 
2007).  Since  the  network  is  managed  remotely,  the  sensor 
nodes  are  left  unattended  for  a  long  period.  It  is  yet  impossi¬ 
ble  to  detect  physical  tampering  and  to  perform  regular  main¬ 
tenance. 

In  Figure  1,  two  possible  causes  of  packet  loss  are  illustrated. 

In  the  first  case,  a  previously  established  link  between  the 
sensors  is  lost.  Once  the  parent  node  exhausts  its  energy, 
it  is  dropped  from  the  network.  As  a  result,  a  child  node 
can  no  longer  forward  the  sensed  data  and  the  previously  re¬ 
ceived  packets  are  permanently  lost.  In  the  second  case,  more 
than  one  sensor  node  simultaneously  try  to  send  data  packets 
to  the  same  parent,  resulting  in  a  network  congestion  and  a 
possible  loss  of  all  the  packets  being  forwarded  at  that  level. 
Considering  all  the  limitations  mentioned  above,  it  is  not  easy 
for  the  network  to  always  fulfill  the  intended  tasks.  Reliability 
and  efficiency  of  WSNs  are  dependent  on  key  issues,  which 
are  enumerated  in  the  following. 

2.2.  Dependability  issues 

Sensor  nodes  have  a  short  radio  range  and  they  collaborate  to 
cover  a  given  surveillance  area.  At  the  setup  phase,  it  is  cru¬ 
cial  to  ensure  that  the  network  covers  the  whole  area  (Tian  & 
Georganas,  2005).  The  coverage  problem  arises  as:  “how  to 
ensure  that,  at  any  time,  any  zone  in  the  network  is  covered 
by  at  least  one  sensor  node?” 

Zorbas  et  al.  (Zorbas,  Glynos,  &  Douligeris,  2007)  presented 
B{GOP},  a  centralized  coverage  algorithm  for  WSNs.  The 
algorithm  proposes  sensor  candidate  and  avoids  double-coverage 
depending  on  the  coverage  status  of  the  corresponding  field. 

In  (X.  Wang  et  al.,  2003),  Wang  et  al.  presented  a  protocol 
that  can  dynamically  configure  a  network  to  achieve  guaran¬ 
teed  degrees  of  coverage  and  connectivity.  They  gave  a  proof 
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that  sensing  coverage  range  does  not  need  to  be  more  than 
half  the  connectivity  range  in  the  network.  Thus,  their  proto¬ 
col  helps  preserve  energy  while  maintaining  coverage  in  the 
network. 

As  discussed  before,  available  energy  is  a  big  limitation  to 
WSNs.  In  order  to  prolong  the  network’s  lifetime,  a  possible 
solution  is  to  keep  a  minimum  number  of  sensor  nodes  in  ac¬ 
tive  mode.  As  WSNs  rely  on  nodes  density  in  the  sensing  and 
communicating  processes,  it  is  very  likely  that  some  nodes 
will  not  be  needed.  If  a  reliable  node  can  forward  data  pack¬ 
ets  toward  the  sink,  its  neighbors  can  switch  to  idle  state  tem¬ 
porarily.  Lifetime  optimization  using  knowledge  about  the 
dynamics  of  stochastic  events  has  been  studied  in  (He,  Chen, 
Li,  Shen,  &  Sun,  2012).  The  authors  presented  the  interac¬ 
tions  between  periodic  scheduling  and  coordinated  sleep  for 
both  synchronous  and  asynchronous  dense  static  sensor  net¬ 
work.  They  show  that  the  event  dynamics  can  be  exploited 
for  significant  energy  savings  by  putting  the  sensors  on  a  pe¬ 
riodic  on/off  schedule.  The  authors  in  (Kasbekar,  Bejerano, 
&  Sarkar,  2011)  leverage  prediction  to  prolong  the  network 
life  time,  by  exploiting  temporal-spatial  correlations  among 
the  data  sensed  by  different  sensor  nodes.  Based  on  Gaussian 
Process,  the  authors  formulate  the  issue  as  a  minimum  weight 
submodular  set  cover  problem  and  propose  a  centralized  and 
a  distributed  truncated  greedy  algorithms  (TGA  and  DTGA). 
They  prove  that  these  algorithms  obtain  the  same  set  cover. 
As  sensor  nodes  periodically  go  to  sleep,  they  need  to  be 
awake  when  they  are  requested  to.  This  is  done  by  the  trans¬ 
mission  of  wake-up  messages  towards  a  target  sensor.  How¬ 
ever,  if  the  message  is  not  received  at  the  right  moment,  data 
packets  will  be  dropped.  This  will  cost  the  network  extra  en¬ 
ergy  due  to  packet  retransmission  (Ye,  Zhong,  Cheng,  Lu, 
&  Zhang,  2003;  Gallais,  Carle,  Simplot-Ryl,  &  Stojmenovic, 
2006;  J.  Bahi,  Haddad,  Hakem,  &  Kheddouci,  2011). 

In  WSN,  if  the  wear-out  failures  are  not  taken  into  consider¬ 
ation  during  the  execution  of  the  involved  application,  some 
nodes  may  age  much  faster  than  the  others  and  become  the 
reliability  bottleneck  for  the  network,  thus  significantly  re¬ 
ducing  the  system’s  service  life.  In  the  literature,  this  prob¬ 
lem  has  been  formulated  and  studied  in  various  ways.  For 
instance,  prior  work  (He,  Chen,  Li,  et  al.,  2012;  He,  Chen, 
Yau,  Shao,  &  Sun,  2012;  Kasbekar  et  al.,  2011)  in  lifetime 
reliability  assumes  node’s  failure  rates  to  be  independent  of 
their  usage  times.  While  this  assumption  can  be  accepted 
for  memoryless  soft  failures,  it  is  obviously  inaccurate  for 
the  wear-out-related  fail-silent  (a  faulty  node  does  not  pro¬ 
duce  any  output)  and  fail-stop  (no  node  recovery)  failures, 
because  the  sensor  node’s  lifetime  reliability  will  gradually 
decrease  over  time.  To  cope  with  this  problem,  a  distributed 
self-stabilizing  and  wear-out-aware  algorithm  is  presented  in 
(J.  M.  Bahi,  Haddad,  Hakem,  &  Kheddouci,  2013).  This  al¬ 
gorithm  seeks  to  build  resiliency  by  maintaining  a  necessary 
set  of  working  nodes  and  replacing  failed  ones  when  needed. 
The  proposed  protocol  is  able  to  increase  the  lifetime  of  wire¬ 


less  sensor  networks,  especially  when  the  reliability  of  sensor 
nodes  is  expected  to  decrease  due  to  use  and  wear-out  effects. 

2.3.  Attacks  in  WSNs 

WSNs  suffer  from  limited  computation  capabilities,  a  small 
memory  capacity,  poor  energy  resources,  absence  of  infras¬ 
tructure,  and  susceptibility  to  physical  capture.  A  variety  of 
security  solutions  exists  for  infrastructureless  networks  (Ad 
hoc  networks).  Yet,  they  do  not  all  answer  the  security  chal¬ 
lenges  of  WSNs. 

WSNs  are  vulnerable  to  many  attacks,  due  to  their  uncon¬ 
trolled  environment  of  deployment,  the  limitation  of  their  re¬ 
sources,  and  the  broadcast  nature  of  transmission  medium. 
The  attacks  are  mainly  classified  under  two  categories:  phys¬ 
ical  attacks  and  non-physical  attacks. 

Examples  of  well-known  non-physical  attacks  in  WSNs  are: 
Denial  of  Service  (DoS)  attack,  (Walters  et  al.,  2007;  Wood 
&  Stankovic,  2002;  Kim,  Doh,  &  Chae,  2006),  sybil  attack, 
(Walters  et  al.,  2007;  Douceur,  2002;  Zhang,  Wang,  Reeves, 
&  Ning,  2005),  traffic  analysis  attack,  (Walters  et  al.,  2007; 
Deng,  Han,  &  Mishra,  2004),  and  node  replication  attack 
(Walters  et  al.,  2007;  Parno,  Perrig,  &  Gligor,  2005;  Bragin¬ 
sky  &  Estrin,  2002). 

2.4.  Dependability  of  WSNs 

The  dependability  of  a  WSN  is  a  property  that  integrates  the 
attributes  needed  for  the  application  to  be  justifiably  trusted. 
Such  a  network  should  be  able  to  deliver  a  correct  service 
-a  service  that  implements  the  system  function-  and  makes 
sure  that  a  failed  component  will  not  lead  to  system  failure. 
System  dependability  was  defined  by  Avizienis  in  (Avizienis, 
Lapire,  &  Randell,  2000)  as  “the  ability  of  a  system  to  avoid 
failures  that  are  more  frequent  or  more  severe,  and  outage  du¬ 
rations  that  are  longer,  than  is  acceptable  to  the  users”. 
Developing  a  dependable  WSN  starts  with  defining  the  de¬ 
pendability  requirements  of  users.  In  order  to  satisfy  these 
needs,  it  is  crucial  to  understand  what  might  stop  the  network 
from  delivering  a  correct  service.  In  the  following,  we  enu¬ 
merate  the  attributes  of  a  dependable  network. 

2.4.1.  Availability 

In  the  classical  definition,  a  network  is  considered  as  highly 
available  if  its  downtime  is  very  limited.  This  can  be  due  ei¬ 
ther  to  few  failures,  or  to  quick  restarts  when  failures  take 
place  (Knight,  2004;  Taherkordi,  Taleghan,  &  Sharifi,  2006). 
If  we  add  the  security  aspect,  we  can  define  availability  as 
readiness  for  correct  service  for  authorized  users.  This  at¬ 
tribute  can  be  computed  as  the  probability  that  the  network 
is  functioning  at  a  given  time  (Silva,  Guedes,  Portugal,  & 
Vasques,  2012). 
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2.4.2.  Reliability 

A  reliable  network  is  a  network  that  is  able  to  continuously 
deliver  a  correct  service.  It  can  also  be  defined  as  the  proba¬ 
bility  that  a  network  functions  properly  and  continuously  in  a 
time  interval  (Silva  et  al.,  2012;  Taherkordi  et  al.,  2006). 

Most  of  research  works  that  have  been  accomplished  so  far 
employ  retransmission  mechanisms  over  redundancy  schemes 
to  achieve  network  reliability  (Silva  et  ah,  2012).  The  main 
purpose  of  a  WSN  is  the  correct  delivery  of  data  packets  from 
sensor  nodes  to  end  user.  Thus,  reliability  of  WSNs  is  highly 
related  to  data  transport.  Reliability  can  be  classified  into  dif¬ 
ferent  levels:  packet  reliability,  event  reliability,  Hop-by-Hop 
reliability,  and  End-to-End  reliability. 

Both  packet  and  event  reliability  levels  deal  with  the  required 
amount  of  information  to  notify  the  sink  of  the  occurrence 
of  an  event  within  the  network  environment.  Whereas  the 
remaining  two  levels  (i.e.,  Hop-by-Hop  and  End-to-End  reli¬ 
ability  levels)  are  concerned  with  the  successful  recovery  of 
event  information.  Yet,  all  of  them  rely  on  retransmission  and 
redundancy  mechanisms. 

2.4.3.  Security 

WSNs  are  different  from  traditional  computer  networks.  There¬ 
fore,  existing  security  mechanisms  are  not  suitable  for  these 
networks.  Developing  adequate  security  measures  requires 
understanding  WSNs  constraints  related  to  security  issues. 

An  attack  on  a  network  can  be  extended  to  more  than  just 
modifying  the  data  packets  originally  circulating  in  the  net¬ 
work.  An  attacker  can  inject  additional  data  packets  to  disturb 
the  normal  function  of  the  network  and  tamper  with  the  deci¬ 
sion  making  process.  For  this  reason,  a  receiver  (i.e.,  node) 
must  be  sure  that  the  data  being  accepted  is  coming  from  a 
member  of  the  network.  Similarly,  a  sender  needs  to  verify 
that  the  reception  entity  is  whom  it  claims  to  be.  This  finality 
can  be  achieved  through  authentication. 

Benenson  et  al.  based  their  entity  authentication  on  elliptic 
curve  cryptography  (Benenson,  Gedicke,  &  Ravivo,  2005). 
Each  user  holds  a  legitimate  certificate,  which  is  the  public 
key  signed  by  a  certification  authority.  Every  node  can  verify 
the  legitimacy  of  the  users  since  the  public  key  with  the  sig¬ 
nature  are  preloaded  in  the  sensors.  Yet,  this  scheme  requires 
an  significant  overhead  for  data  encryption. 

One  of  the  most  important  issues  related  to  network  secu¬ 
rity  is  data  confidentiality,  and  it  refers  to  limiting  data  access 
to  legitimate  destinations.  Keeping  data  packets  confidential 
mainly  means  that: 

•  Sensor  readings  can  only  be  performed  by  the  legitimate 
destination;  a  sensor  node  holding  information  must  not 
leak  information  to  its  neighbors. 

•  Communication  channel  has  to  be  secured,  especially 
when  the  data  being  communicated  is  highly  sensitive. 

•  The  network  needs  to  achieve  confidentiality  by  encrypt¬ 


ing  data  during  transmissions. 

In  (J.  M.  Bahi,  Guyeux,  &  Makhoul,  n.d.),  Bahi  et  al.  argue 
that  in-network  communication,  node  scheduling,  and  data 
aggregation  need  to  be  proven  as  secure.  For  this  matter,  they 
proposed  a  security  framework  for  wireless  sensor  networks. 
The  authors  proved  that  in-network  communication  answers 
to  security  objectives  (indistinguishability,  non-malleability, 
detection  resistance).  In  addition  to  this,  the  proposed  algo¬ 
rithm  is  able  to  aggregate  data  over  encrypted  packets. 

2.4.4.  Defensive  measures 

Key  establishment  techniques  have  received  great  attention 
for  many  years.  Nevertheless,  WSN  applications  are  rela¬ 
tively  recent.  Besides,  the  features  of  these  networks  are  dif¬ 
ferent  from  traditional  networks.  Therefore,  preexisting  tech¬ 
niques  for  key  establishment  are  an  unsuitable  solution  for 
WSNs  applications.  Traditionally,  key  exchange  techniques 
use  asymmetric  cryptography  (public  key  cryptography).  Un¬ 
fortunately,  low  power  WSNs  are  unable  to  handle  such  a 
computationally  intensive  technique. 

The  easiest  way  for  encryption  keys  distribution,  is  to  estab¬ 
lish  one  single  key  for  the  entire  network  and  forward  it.  It  is 
easy  to  notice  that  this  method  is  inefficient  as  one  node  can 
compromise  the  entire  network. 

An  alternative  solution  that  can  be  adopted  is  symmetric  en¬ 
cryption  key.  This  technique  secures  communication  between 
two  hosts  as  they  share  a  private  key  that  is  not  recognized  by 
the  rest  of  the  network.  This  key  will  be  used  for  both  data 
encryption  and  decryption. 

Another  possibility  is  random  probabilistic  key  distribution 
scheme.  The  initialization  stage  starts  with  preloading  in  ev¬ 
ery  sensor  node  a  maximum  number  of  keys  (with  respect  to 
the  memory).  This  is  done  in  a  way  that  two  sets  of  keys  (in 
two  different  nodes)  will  at  least  share  one  key.  By  broad¬ 
casting  the  identity  of  the  keys,  every  node  can  discover  the 
neighbors  with  which  it  can  exchange  information.  Now,  ev¬ 
ery  node  can  only  communicate  with  its  legitimate  neighbors; 
a  link  only  exists  between  nodes  sharing  a  key.  It  is  now  pos¬ 
sible  for  a  sensor  node  to  safely  establish  a  link  with  a  target 
node  by  secretly  sharing  a  key  via  their  neighbors  (Z.  Li  & 
Gong,  2011). 

3.  Prognostics  and  Health  Management:  State 
of  the  Art 

Maintenance  is  an  important  activity  in  industry.  It  is  per¬ 
formed  either  to  revive  a  machine/component,  or  to  prevent  it 
from  breaking  down.  Different  strategies  have  evolved  through 
time,  bringing  maintenance  to  its  current  state.  This  evolution 
was  due  to  the  increasing  demand  of  reliability  in  industry. 
Nowadays,  plants  are  required  to  avoid  shutdowns  while  of¬ 
fering  both  safety  and  reliability  (Peng,  Dong,  &  Zuo,  2010). 
The  first  form  of  maintenance  is  corrective  maintenance.  In 
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Figure  3.  An  illustration  of  RUL  with  uncertainties 


3.1.  PHM:  definitions 


Figure  2.  CBM  Flowchart 


this  strategy,  actions  are  only  taken  when  the  system  breaks 
and  can  no  longer  perform  the  intended  tasks.  Yet,  plants 
cannot  afford  to  undergo  breakdowns;  in  fact,  sudden  shut¬ 
downs  cost  money  and  time,  in  addition  to  safety  and  clients’ 
trust.  As  a  remedy  to  this  problem,  maintenance  became  a 
periodic  activity.  Domain  experts  rely  on  their  knowledge 
and  the  observation  of  upcoming  events  to  set  time  inter¬ 
vals  in  which  the  components  are  inspected  and  replaced  if 
needed.  This  preventive  (often  called  periodic)  maintenance 
is  especially  adopted  by  transportations  and  nuclear  plants 
(Hu,  Youn,  Wang,  &  Yoon,  2012).  The  main  drawback  of  pre¬ 
ventive  maintenance  is  the  fact  that  it  is  performed  regardless 
of  the  machine’s  condition.  In  other  words,  industrials  have  to 
hire  domain  experts  in  order  to  set  intervals  for  maintenance. 
Sometimes,  this  is  unnecessary  as  the  machine  can  be  in  a 
healthy  state  and  this  will  cost  extra  and  avoidable  fees.  Be¬ 
sides,  even  with  periodic  maintenance  and  inspections,  ran¬ 
dom  failures  still  occur.  This  is  why  Condition  Based  Main¬ 
tenance  (CBM)  was  proposed  and  developed  in  early  nineties 
(Heng,  Zhang,  Tan,  &  Mathew,  2009). 

CBM  is  a  proactive  precess  for  maintenance  scheduling,  based 
on  real-time  observations.  It  is  an  online  model  that  assesses 
machine’s  health  through  condition  measurements.  As  any 
maintenance  strategy,  CBM  aims  at  increasing  the  system  re¬ 
liability  and  availability.  The  benefits  of  this  particular  strat¬ 
egy  include  avoiding  unnecessary  maintenance  tasks  and  costs, 
as  well  as  not  interrupting  normal  machine  operations  (Heng 
et  al.,  2009). 

In  order  to  be  efficient,  a  CBM  program  needs  to  go  through 
the  steps  illustrated  in  Figure  2  (Jardine,  Lin,  &  Banjevic, 
2006). 


The  terms  diagnostics  and  prognostics  are  widely  used.  Though, 
the  difference  between  these  two  concepts  is  sometimes  vague. 
However,  it  is  important  to  specify  the  difference  as  it  is  the 
key  to  perform  a  good  PHM. 

PHM  is  the  core  activity  of  CBM,  and  it  implies  the  same 
steps,  namely:  data  processing,  health  assessment,  diagnos¬ 
tics,  prognostics,  and  decision  making  support. 

While  diagnostics  aims  at  identifying  and  quantifying  an  ac¬ 
tual  failure,  prognostics  have  the  goal  of  anticipating  fail¬ 
ures.  Several  definitions  concerning  prognostics  exist  in  the 
literature  (IS013381-1,  2004;  D.  Tobon-Mejia,  Medjaher,  & 
Zerhouni,  2012;  D.  A.  Tobon-Mejia,  Medjaher,  Zerhouni,  & 
Tripot,  2012;  Zio  &  Maio,  2010;  Jardine  et  ah,  2006).  Prog¬ 
nostics  considers  past  events,  the  machine’s  current  state,  and 
operating  conditions  to  estimate  the  Remaining  Useful  Life 
(RUL).  This  estimation  is  done  by  inspecting  the  evolution  of 
continuous  measurements  of  parameters  that  need  to  be  mon¬ 
itored  in  time  to  assess  the  machine’s  state.  These  parameters 
can  be  temperature,  humidity,  vibration,  pressure,  and  so  on. 

A  monitored  parameter  has  a  fixed  threshold.  Once  reached, 
an  alarm  goes  off  indicating  that  a  symptom  of  system  dete¬ 
riorating  has  been  detected.  The  RUL  is  then  computed  with 
an  associated  confidence  limit.  The  latter  information  illus¬ 
trates  to  what  point  the  predictions  are  trustworthy.  The  un¬ 
certainties  of  the  RUL  predictions  have  two  causes:  either  the 
threshold  value  of  monitored  parameter,  or  the  RUL  predic¬ 
tion  itself. 

In  Figure  3,  we  can  observe  the  uncertainties  that  can  be  re¬ 
lated  to  RUL  prediction. 

In  (ISO  13381-1,  2004),  the  necessary  pre-requisites  for  reli¬ 
able  prognostics  are  proposed. 

3.2.  Classifying  approaches 

Prognostics  approaches  are  classified  under  groups  employ¬ 
ing,  more  or  less,  the  same  techniques.  Nevertheless,  re¬ 
searchers  use  different  classifications  (Jardine  et  al.,  2006), 
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(Hcng  et  al.,  2009),  (Peng  et  al.,  2010),  (Sikorska,  Hodkiewicz, 

&  Ma,  201 1),  (Cadini,  Zio,  &  Avram,  2009),  (Hu  et  al.,  2012), 

(D.  Tobon-Mejia  et  al.,  2012).  More  details  on  each  approach 
can  be  found  in  the  given  references. 

In  this  paper,  we  consider  four  groups:  Physical  models.  Knowledge- 
based  models.  Data-driven  models,  and  Hybrid  models.  They 
are  detailed  in  the  following  sections. 

3.2.1.  Physical  models: 

Physical  models  rely  on  mathematical  models  to  describe  the 
physics  of  a  failure,  and  are  developed  by  domain  experts. 

The  first  condition  for  a  reliable  model  is  a  good  understand¬ 
ing  of  the  behavior  of  the  system  responding  to  stress.  The 
description  of  the  behavioral  models  is  carried  out  via  differ¬ 
ential  equations,  state-space  methods,  or  simulations. 

Physical  models  are  considered  if: 

•  the  mathematical  model  of  the  system  is  known; 

•  the  failure  mode  is  well  understood; 

•  a  physical  model  for  each  failure  mode  is  available; 

•  the  operating  conditions  can  be  monitored;  and 

•  data  describing  the  conditions  related  to  each  process 
isavailable. 

Examples  of  model-based  prognostics  are  given  in  (Y.  Li, 
Billington,  Kurfess,  Danyluk,  &  Liang,  1999),  (Byington, 
Watson,  Edwards,  &  Stoelting,  2004),  (Cempel,  Natke,  & 
Tabaszewski,  1997),  (Qiu,  Zhang,  Seth,  &  Liang,  2002). 

3.2.2.  Knowledge-based  models: 

Since  it  is  hard  to  build  an  accurate  physical  model  for  com¬ 
plex  industrial  systems,  the  employment  of  the  latter  is  lim¬ 
ited.  Besides,  it  is  impossible  to  apply  a  developed  model  to 
a  different  component.  Other  methods,  such  as  knowledge- 
based  ones,  appear  to  be  promising  as  they  require  no  physi¬ 
cal  model. 

In  the  following,  two  examples  of  this  model  are  presented. 

•  Expert  systems 

Since  late  1960s,  expert  systems  seemed  to  be  suitable 
for  problems  usually  solved  by  domain  specialists.  These 
models  consist  of  computer  system,  designed  to  display 
expert  knowledge.  This  knowledge  is  extracted  by  do¬ 
main  specialists  and  organized  into  rules  learned  by  the 
computer  to  generate  solutions. 

The  rules  have  the  form  of: 

IF  condition,  THEN  consequence 
Such  a  rule  is  strict  and  does  not  adapt  to  any  changes  in 
operating  conditions.  The  only  way  to  adapt  the  model 
to  new  situations  is  to  add  new  rules  whenever  a  new 
condition  is  observed.  This  can  lead  to  a  combinatorial 


explosion,  given  that  a  rule  is  required  for  every  possible 
combination  of  inputs.  Another  limitation  of  this  model 
is  that  it  is  only  as  good  as  its  developers. 

Luzzy  logic 

It  is  a  form  of  probabilistic  knowledge,  where  the  rules 
are  approximate  rather  than  fixed  and  exact.  It  was  in¬ 
troduced  by  Zadeh  in  1965  (Zadeh,  1965).  The  differ¬ 
ence  between  fuzzy  logic  and  classical  predicate  logic, 
is  the  use  of  fuzzy  sets  rather  than  discrete  values  stand¬ 
ing  for  true  or  false.  In  a  fuzzy  set,  variables  member¬ 
ship  is  defined  based  on  their  degree  of  truth.  The  truth 
value  ranges  from  0  (completely  wrong)  to  1  (completely 
true). The  rules  may  look  like: 

IF  condition  “A”  AND  condition  “B”  THEN 
consequence. 

The  description  associated  to  the  parameters  differs  from  the 
description  used  with  expert  system  rules.  Here  is  an  example 
to  illustrate  the  difference: 

Expert  system: 

IF  engine  is  hot  THEN  shutdown 

Fuzzy  logic: 

IF  engine  is  slightly  hot  AND  temperature  is  rising  THEN 
cool  down  the  system 

This  new  way  of  introducing  rules  gives  the  computer  a  very 
human-like  and  intuitive  way  of  reasoning  with  incomplete, 
noisy,  and  inaccurate  information.  As  a  result,  fault  detection 
and  prediction  are  more  accurate,  and  for  this  reason,  fuzzy 
logic  is  usually  incorporated  with  other  techniques. 

Even  though  this  method  can  only  be  developed  by  domain 
experts,  it  is  easy  to  understand  the  developed  rules.  It  is  not 
only  recommended  because  it  covers  a  large  set  of  operating 
conditions,  but  also  because  of  its  efficiency  when  it  is  im¬ 
possible  to  build  a  mathematical  model  or  when  data  contains 
high  levels  of  uncertainties  and  noise. 

3.2.3.  Data-driven  models: 

In  data-driven  approaches,  models  are  directly  derived  from 
condition  monitoring  data,  based  on  statistical  and  machine 
learning  techniques.  These  models  have  a  double  role:  assess 
current  operating  conditions  and  predict  the  RUL.  Neither  hu¬ 
man  expertise  nor  comprehensive  system  physics  are  needed 
for  the  prognostic  model  building  process. 

A  data-driven  prognostic  model  transforms  raw  data  provided 
by  the  monitoring  system  into  useful  information,  which  com¬ 
bined  with  historical  records,  helps  building  a  behavioral  model 
and  performing  predictions.  The  data-driven  approach  is  pop¬ 
ular  and  widely-used  because  it  offers  a  reasonable  tradeoff 
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between  complexity  and  precision.  This  approach  remains 
the  best  solution  when  obtaining  reliable  sensor  data  is  much 
easier  than  constructing  mathematical  behavioral  models.  Nev¬ 
ertheless,  accuracy  depends  on  many  factors. 


•  The  training  set:  normally,  an  efficient  training  requires 
a  large  set  of  inputs.  It  is  not  easy  to  decide  whether  the 
amount  of  inputs  we  dispose  of  is  enough  for  training  a 
reliable  model  or  not. 

•  Operating  conditions:  manufacturing  conditions  change 
all  the  time,  so  do  the  environmental  and  operational  con¬ 
ditions.  All  these  changes  may  lead  to  uncertainties  in 
the  predictions  as  they  refer  to  new  situations  that  may 
not  be  recognizable  by  the  model. 

•  Sensory  signals:  the  amount  of  effective  sensory  data 
available  when  prediction  is  performed  has  an  impact  on 
accuracy. 

•  Degradation  trend:  RUL  prediction  relies  on  historical 
data  and  past  events.  As  shown  in  Figure  3,  the  pre¬ 
diction  is  an  extrapolation  of  what  we  observe  up  to  the 
present  moment.  If  the  degradation  trend  is  highly  simi¬ 
lar  to  a  trend  the  model  can  recognize,  prediction  can  be 
accurate  (and  inversely  so). 


Figure  4.  Categories  for  prognostic  models 


Hybrid  models  aim  at  improving  prediction  quality  by  provid¬ 
ing  more  accurate  RUL.  All  research  works  agree  that  physi¬ 
cal  models  guarantee  the  most  precise  prediction.  Neverthe¬ 
less,  even  with  good  output  quality,  the  complexity  is  too  sig¬ 
nificant  to  ignore.  This  complexity  can  be  reduced  by  adopt¬ 
ing  a  data-driven  approach.  Thus,  we  can  benefit  from  the 
merits  of  both  prognostic  approaches. 

When  physical  understanding  of  failure  mechanism  and  mon¬ 
itoring  data  are  available,  a  hybrid  approach  is  the  best  solu¬ 
tion  offering  a  compromise  between  model  complexity  and 
prediction  accuracy. 

In  Figure  4  we  illustrate  the  categories  for  prognostic  models. 


Examples  of  the  developed  methods  reported  in  the  literature 


are: 


•  Aggregate  reliability  functions  (Crevecoeur,  1993),  (Duane, 
1964),  (Goode,  Moore,  &  Roylance,  2000) 

•  Artificial  neural  networks  ANN  (Huang  et  ah,  2007),  (Herzog. 
Marwala,  &  Heyns,  2009),  (W.  Wang,  Golnaraghi,  &  Is¬ 
mail,  2004) 

•  Autoregressive  moving  average  ARMA  (Wu,  Hu,  &  Zhang, 
2007),  (Yan,  Koc,  &  Lee,  2004) 

•  Bayesian  techniques  (Cadini  et  ah,  2009),  (Kallen  &  van 
Noortwijk,  2005),  (Weidl,  Madsen,  &  Israelson,  2005) 

•  Hidden  markov  and  hidden  semi-markov  models  (Bunks, 
McCarthy,  &  Al-Ani,  2000),  (Baruah  &  Chinnam,  2005), 
(Medjaher,  Tobon-Mejia,  &  Zerhouni,  2012) 

•  Proportional  hazards  models  (Z.  Li,  Zhou,  Choubey,  & 
Sievenpiper,  2007),  (Liao,  Zhao,  &  Guo,  2006),  (Makis 
&  Jiang,  2003) 

•  Trend  extrapolation  (Batko,  1984),  (Kazmierczak,  1983), 
(C.Cempel,  1987) 

3.2.4.  Hybrid  models: 

Usually,  prognostic  activity  does  not  consider  one  parameter. 

The  monitored  parameters  are  diversified,  making  it  hard  to 

study  failure  behavior  using  only  one  model. 


4.  WSNS  FOR  INDUSTRIAL  PHM  AND 
CHALLENGES  AHEAD 

Reliability  has  become  very  essential  in  industry.  It  is  a  means 
to  financial  gain  in  addition  to  client  trust.  The  research  in 
the  prognostic  field,  over  the  past  years,  resulted  in  a  vari¬ 
ety  of  tools  and  techniques  offering  plants  the  possibility  to 
’survey  their  systems,  anticipate  failures,  and  schedule  main¬ 
tenance.  As  the  existent  tools  are  different  from  one  another, 
they  have  different  advantages,  drawbacks,  complexities,  etc. 
Data  driven  prognostic  models  drew  a  great  deal  of  attention 
due  to  their  low  cost,  low  complexity,  and  easy  deployment. 
The  prediction  model  will  first  acquire  information  about  the 
monitored  system,  assess  the  current  state,  and  then  extrapo¬ 
late  its  future  health  state. 

WSNs  are  mainly  designed  for  surveillance  purposes.  They 
can  be  deployed  in  many  fields  such  as  military,  automotive, 
agriculture,  medicine. ..(Z.  Li  &  Gong,  2011).  Recently,  in¬ 
dustry  has  given  WSN  monitoring  applications  a  great  deal  of 
attention.  Nowadays,  sensor  networks  are  used  to  monitor  in¬ 
dustrial  machinery  for  maintenance  scheduling.  The  sensors 
deployed  to  survey  the  system/component  will  provide  data 
to  estimate  the  RUL.  Nevertheless,  if  this  data  is  inaccurate, 
the  prediction  based  on  it  will  not  be  relevant.  The  depend¬ 
ability  requirements,  discussed  before,  need  to  be  considered 
before  the  network  starts  running.  Thereby,  they  can  provide 
accurate  data  for  RUL  prediction  and  maintenance  schedul¬ 
ing.  Despite  the  existence  of  many  dependability  solutions  in 
WSNs,  these  solutions  are  not  always  applicable.  As  sensors 
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have  restricted  computational  capabilities,  solutions  are  often 
application  oriented.  Thus,  a  definition  of  dependability  is¬ 
sues  related  to  prognostics  is  essential. 

Many  aspects  still  need  further  studying  in  order  to  provide 
more  reliable  predictions.  How  can  we  explore  available  data? 
How  can  we  consider  operating  conditions  in  RUL  predic¬ 
tion?  How  can  we  allow  multiple  interactions  while  building 
a  model?  All  these  questions  still  need  answers. 

Data-driven  models  are  designed  to  reduce  model  complex¬ 
ity  and  enhance  real-time  maintenance.  For  this  matter,  they 
only  provide  general  predictions  for  a  population  of  identical 
units;  this  makes  prediction  process  easier  and  faster. 

In  the  literature  of  prognostics,  it  is  very  common  that  the 
causes  of  a  failure  are  limited  to  the  values  of  monitored  pa¬ 
rameters.  Other  factors,  although  responsible  for  failures, 
seem  to  be  neglected  and  overlooked.  Although  Condition 
Monitoring  (CM)  data  reflects  online  monitoring,  it  does  not 
replace  reliability  data.  In  fact,  CM  data  provides  measure¬ 
ments  informing  about  a  single  component  state  at  a  specific 
moment.  A  failure  does  not  only  consider  a  single  parame¬ 
ter  (pressure,  humidity...),  it  is  a  consequence  of  many  factors 
(component  age,  different  failing  components...). 

Reliability  data,  informing  about  all  these  factors,  gives  a 
bigger  picture  of  the  failing  process.  We  are  not  neglecting 
the  importance  of  CM  data  for  prognostic  process.  However, 
while  CM  data  provides  information  for  short-term  predic¬ 
tion,  reliability  data  is  able  to  extend  these  predictions  until 
the  next  maintenance  window.  The  complete  neglection  of 
operating  conditions,  operating  age,  and  interactions  between 
failures  can  only  limit  the  application  of  developed  models  to 
real  machines.  Operating  conditions  are  constantly  changing, 
and  if  the  model  is  unable  to  consider  these  changes,  it  is  un¬ 
able  to  produce  reliable  estimations.  Furthermore,  if  we  ob¬ 
serve  two  similar  components  with  different  operating  ages 
and  operating  under  similar  conditions,  we  will  notice  that 
they  will  not  fail  at  the  same  time.  Operating  age  definitely 
has  an  influence  on  time  to  failure.  An  internal  failure  can 
even  accelerate  or  provoke  another  one. 

Another  issue  to  face  while  performing  prognostics,  is  cen¬ 
sored  data.  Many  plants  do  not  allow  their  system  to  run 
to  failure.  Components  are  often  replaced  before  they  actu¬ 
ally  fail.  As  a  result,  the  real  time  to  failure  is  not  recorded. 
The  performed  preventive  maintenance  is  mistaken  for  fail¬ 
ure  time,  and  RUL  prediction  is  based  upon  that  time.  The 
value  of  RUL  is  critical  for  maintenance  scheduling.  In  other 
words,  the  less  accurate  the  prediction,  the  less  reliable  the 
maintenance  schedule  will  be. 

Maintenance  scheduling  is  the  reason  behind  building  prog¬ 
nostic  models.  Once  accomplished,  the  maintenance  actions 
are  not  always  considered  in  the  model  and  generally,  the  re¬ 
lated  component  is  considered  “as  good  as  new”.  It  is  very 
important  to  consider  the  effects  of  maintenance  actions  in 
the  prediction  model,  at  least  to  evaluate  the  model  efficiency 
and  study  the  new  failure  behavior  after  the  maintenance  be¬ 


ing  performed. 

What  also  drew  our  attention  are  the  assumptions  made  to 
perform  predictions.  To  the  best  of  our  knowledge,  none  of 
the  previous  research  works  has  questioned  the  availability, 
safety,  and  security  of  data  used  for  RUL  prediction.  It  is 
assumed  that: 

•  Sensory  data  is  available  and  there  is  no  data  loss. 

•  The  sensor  network  is  reliable. 

•  There  is  no  fault  in  the  sensors. 

•  There  is  no  constraint  on  energy  consumption 

So  far,  all  prognostic  work  is  limited  to  the  condition  moni¬ 
toring  layer,  the  health  assessment  layer,  and  the  prognostic 
layer  of  the  Open  System  Architecture  for  Condition-Based 
Maintenance  OSA-CBM  (Thurston,  2001;  Niu  &  Yang,  2010). 
As  RUL  prediction  concerns  results  that  are  yet  to  come,  it 
has  to  rely  on  assumptions.  Nevertheless,  these  assumptions, 
in  no  way,  reflect  a  real  life  situation.  The  application  of 
Wireless  Sensor  Networks  (WSN)  is  very  critical.  First  of  all, 
the  sensors  size  is  very  small.  So  they  have  very  small  batter¬ 
ies  with  limited  disposable  energy.  If  the  communication  in 
the  network  does  not  consider  this  limitation,  the  sensors  will 
quickly  consume  all  the  energy  they  have  and  be  dropped. 
Thus,  the  information  will  no  longer  circulate  in  the  network. 
Still,  an  energy  efficient  WSN  will  not  stop  some  nodes  from 
being  dropped.  This  means  that  the  network  has  to  be  fault 
tolerant  in  order  to  be  able  to  pursue  its  functionalities  in  case 
of  any  sudden  events  (sensor  loss,  interferences...).  Besides, 
like  all  wireless  networks,  WSN  can  be  hacked.  Competitors 
and  hackers  can  steal  information,  change  data,  cause  dam¬ 
age  to  the  system...  Data  circulating  in  the  network  needs  to 
be  secured  against  such  attacks. 

Many  research  works  have  been  done  in  the  field  of  WSN 
reliability.  But  every  application  has  its  own  features,  and 
generalized  solutions  do  not  always  solve  the  problem.  An 
adapted  solution  for  prognostics  needs  and  goals  should  be 
considered. 

5.  Conclusion 

Condition-based  maintenance  is  an  important  tool  for  mod¬ 
ern  plants  in  order  to  optimize  their  maintenance  schedule. 
An  appropriate  schedule  is  reflected  by  the  economical  bene¬ 
fits.  This  paper  went  through  the  CBM  process  and  its  differ¬ 
ent  steps  leading  to  prognostics,  and  presented  the  different 
methods  used  in  the  literature  of  the  latter  to  estimate  the  re¬ 
maining  useful  life.  Choosing  one  model  over  another  mainly 
depends  on  (1)  the  available  information  to  perform  predic¬ 
tions  and  to  study  the  systems  behavior,  (2)  the  complexity  of 
the  model,  and  (3)  preferences  regarding  the  domain  of  appli¬ 
cation,  advantages  and  drawbacks  of  each  model. 

This  paper  also  highlighted  the  fact  that  prognostic  field  still 
needs  several  improvements.  RUL  predictions  cannot  be  ac- 
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curate  if  several  points  are  not  considered  while  building  a 
model,  namely  (1)  WSN  dependability,  (2)  securing  data,  (3) 
including  event  data  and  censored  data  in  the  prediction  pro¬ 
cess,  and  (4)  model  updates. 

A  discussion  of  dependability  in  WSNs  is  also  given  in  this 
paper.  In  order  to  build  a  dependable  network  several  at¬ 
tributes  need  to  be  considered:  (1)  network  availability,  (2) 
network  reliability,  and  (3)  network  security.  These  attributes 
are  the  key  for  accurate  data  and  reliable  predictions. 
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